Yes, Virginia, there is privacy (I hope)

Yes, Virginia, there is privacy (I hope)

It will be just after the start of this year that we all should hear President Obama's stance on recommendations made by the special advisory panel he created last year to review the surveillance programs of the National Security Agency (NSA).

Though not made public, the panel's some 40 recommendations already were completed in December and many leaked to the press. One of these, according to a National Public Radio report last month, already has been shot down by the president – that the agency's internet warfare division, Cyber Command, be moved out of NSA and therefore fall under civilian, rather than current military direction and control. This particular recommendation was made by even some U.S. intelligence officials, who noted that by placing the NSA and Cyber Command under separate leadership no one single military official would have such a great concentration of power and, of course, greater accountability would be achieved.

Other recommendations so far known include establishing standards for searching and monitoring data; having third-parties – rather than the NSA – retain the records collected; stopping the monitoring of foreign leaders' communications without some form of direction from the White House; establishing the practice of introducing opposing lawyers/viewpoints at U.S. Foreign Intelligence Surveillance Court (FISC) hearings during which currently the FISC only hears from government lawyers when considering whether or not to allow a monitoring or surveillance action; separating the NSA's encryption team that is working to strengthen online security from the agency's other code-breaking team that is working to undercut stronger encryption algorithms to allow for easier snooping; and much more.

Already, the president has said he will consider the recommendations put forth, but, by no means implement all or any of them. (Thanks again for affirming my confidence in your wishy-washy actions, Mr. Obama.) For its part, the NSA has maintained its stance that its far-reaching surveillance programs have been absolutely legal. Indeed, the notoriously secret agency has been stumping for itself through a seemingly ineffectual public relations campaign, ending last year with its director, General Keith Alexander, hitting up television news show 60 Minutes to discuss the merits of its surveillance campaign, which prompted many a cynical tweet from IT security and privacy personnel.

Despite the PR road show, quite a few industry pros and the wider public still are miffed. Congress, since news of the snooping hit, has introduced various bills to rein in the agency's surveillance power. And, some leading IT companies – like Google, Yahoo and Facebook – have crafted an open letter calling for change.

Some of these actions seem genuine enough, but the latter brings out that skeptic in me. Just as I've noted in this column before that the NSA and its too-broad surveillance programs must be curtailed, so too do I believe that private companies have a responsibility to customers. Funnily, some of the very companies calling for change in their open letter were noted as readily handing over data to the NSA – though they quickly countered such talk with PR campaigns of their own. And let's not forget that the likes of Facebook and Google, who have been in the spotlight countless times before for privacy trespasses, made news last fall for stomping on user controls, again with changes that either limited one's ability to decide what strangers can see on one's Facebook page or allowed photos and recommendations one's made to be used in ads.

Privacy, as some of us once knew it, is a thing of the past. I know this. But, does that mean we should all shrug our shoulders when various entities continue to push the limits of this world of openness and information ease. Whether the government invades privacy in the name of homeland security or companies trample it for commercial gains, neither group is more right in their actions than the other. Both must be limited in their powers. So, yes, change, indeed, is needed. And that means the very companies calling for it from the NSA and President Obama should be embracing it themselves.

Get SC Media delivered to your inbox

SC Media Featured White Paper of the Day

SC Media Newswire

SC Media Product/Industry Buzz

I would like to receive relevant information via email from Haymarket Media.

SC Media arms cybersecurity professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.